pkg:Go/vitess.io/vitess

11 total CVEs | MEDIUM: 7

All known vulnerabilities

  • MEDIUM 4.9 | CVE-2024-53257 | Vitess allows HTML injection in /debug/querylogz & /debug/env
    from 0, < 0.19.8, >= 0.20.0, < 0.20.4, >= 0.21.0, < 0.21.1
  • MEDIUM 4.9 | CVE-2024-53257 | Vitess allows HTML injection in /debug/querylogz & /debug/env
    >= 0.21.0-rc1, < 0.21.1
  • MEDIUM 4.9 | CVE-2024-32886 | Denial of service attack by triggering unbounded memory usage in vitess.io/vitess
    from 0, < 0.17.7, >= 0.18.0, < 0.18.5, >= 0.19.0, < 0.19.4
  • MEDIUM 4.9 | CVE-2024-32886 | Denial of service attack by triggering unbounded memory usage in vitess.io/vitess
    from 0, < 0.17.7
  • MEDIUM 4.1 | CVE-2023-29195 | VTAdmin users that can create shards can deny access to other functions
    from 0, < 0.16.2
  • MEDIUM 4.1 | CVE-2023-29194 | vitess allows users to create keyspaces that can deny access to already existing keyspaces
    from 0, < 0.16.1
  • CVE-2026-27969 | Vitess users with backup storage access can write to arbitrary file paths on restore
    >= 0.23.0-rc1, < 0.23.3
  • CVE-2026-27969 | Vitess users with backup storage access can write to arbitrary file paths on restore
    from 0, < 0.22.4, >= 0.23.0-rc1, < 0.23.3
  • CVE-2026-27965 | Vitess users with backup storage access can gain unauthorized access to production deployment environments
    from 0, < 0.22.4, >= 0.23.0, < 0.23.3
  • CVE-2026-27965 | Vitess users with backup storage access can gain unauthorized access to production deployment environments
    from 0, <= 0.23.2